Seth

"Terminate memory threats before quarantining"

Why is that disabled by default?

We find many malware samples, when terminated, will replicate themselves or spawn new samples/variants, so we just leave them running and then clean them on reboot.

Thank you.

So why have the option at all?

In some cases, when you terminate threats (if they don't replicate) it saves rebooting, so the option is there.

Should the malware be removed from quarantine before rebooting?

I would have done it that way, but now am a little unsure.

Please Advise :)

It's the "Leave Running" statement that is confusing me.

Thanks!

Items in the quarantine are deleted from the system already.

Thank You Nick,

But at the risk of sounding dumb, what then is the "Remove" option for?

Do you mean when items are in quarantine all I need do is reboot to remove them from the system, leaving no malware, and my only option is to "Restore" if desired from quarantine, leaving items on my system?

Also, after a reboot, I will no longer see the items?

I realize that once items are in quarantine, they have been removed from the system, but I would have used remove items from quarantine using the remove option.

Feeling really dumb as I am obviously missing something. :oops:

Sorry about the rambling run on sentences!

Thanks Again

We quarantine all items "just in case". You can leave them in the quarantine as long as you want, or you can remove them from the quarantine.

Thanks for clearing it up for me.

That is exactly what I originally thought.

I must have misinterpreted something along the way.

Thanks for your patience. :)
